US11385893B2 - Method secured against side-channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations - Google Patents

Method secured against side-channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations Download PDF

Info

Publication number
US11385893B2
US11385893B2 US17/048,262 US201917048262A US11385893B2 US 11385893 B2 US11385893 B2 US 11385893B2 US 201917048262 A US201917048262 A US 201917048262A US 11385893 B2 US11385893 B2 US 11385893B2
Authority
US
United States
Prior art keywords
value
masked
boolean
xor
computing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
US17/048,262
Other versions
US20210157586A1 (en
Inventor
David Vigilant
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thales DIS France SAS
Original Assignee
Thales DIS France SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thales DIS France SA filed Critical Thales DIS France SA
Assigned to THALES DIS FRANCE SA reassignment THALES DIS FRANCE SA ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: VIGILANT, DAVID
Publication of US20210157586A1 publication Critical patent/US20210157586A1/en
Application granted granted Critical
Publication of US11385893B2 publication Critical patent/US11385893B2/en
Assigned to THALES DIS FRANCE SAS reassignment THALES DIS FRANCE SAS ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: THALES DIS FRANCE SA
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • H04L9/003Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30003Arrangements for executing specific machine instructions
    • G06F9/30007Arrangements for executing specific machine instructions to perform operations on data operands
    • G06F9/30029Logical and Boolean instructions, e.g. XOR, NOT
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30003Arrangements for executing specific machine instructions
    • G06F9/30007Arrangements for executing specific machine instructions to perform operations on data operands
    • G06F9/3001Arithmetic instructions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/75Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
    • G06F21/755Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation with measures against power attack
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219Countermeasures against side channel or fault attacks
    • G06F2207/7223Randomisation as countermeasure against side channel attacks
    • G06F2207/7233Masking, e.g. (A**e)+r mod n
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/04Masking or blinding
    • H04L2209/046Masking or blinding of operations, operands or results of the operations

Definitions

  • the present invention relates to the field of cryptographic methods and devices protected against side channel analysis, and more particularly to protecting against side-channel attacks a cryptographic algorithm mixing Boolean and arithmetic operations.
  • Cryptographic algorithms are commonly used for ensuring the privacy of communications by encryption, for authentication or for generating a verifiable signature. Such cryptographic algorithms are sensitive to side-channel attacks, based on an analysis of the power consumption or electromagnetic signature of the device performing the encryption.
  • a commonly used countermeasure against side-channel attacks is the masking of the intermediate values of an encryption process with a random mask. In that case, an attacker performing a side-channel attack at a given point of the encryption process would only get random values and would not obtain any information on the secret key used for the cryptographic process.
  • Some cryptographic algorithms may mix Boolean and arithmetic operations such as MD5 or SHA hash functions or some block cipher algorithms. Since arithmetic operations and Boolean operations are not commutative, arithmetic masking and Boolean masking are not compatible and keeping all intermediate results of such algorithms masked may prove difficult: obtaining a masked result of an arithmetic operation between two values requires more than just performing said arithmetic operation on these two values masked by Boolean masks.
  • a first way to deal with such an issue is to perform conversion between Arithmetic and Boolean masking when needed for having intermediate values masked using the kind of masking compatible with the next operation to be performed.
  • Such an approach was proposed for example in L. Goubin “ A sound method for switching between Boolean and Arithmetic masking ”.
  • the main drawback of such an approach is its cost for performing Arithmetic to Boolean masking, which depends linearly on the size of the values and masks to be handled.
  • the method was improved using precomputation of tables, such as in J. S. Coron, A. Tchulkine “ A new algorithm for switching from arithmetic to boolean masking ”. Nevertheless, the global computation time of such a method still strongly depends on the values and masks to be handled.
  • this invention therefore relates to a method secured against side channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations,
  • a cryptographic device comprising a processing system having at least one hardware processor, and said operation has a first value and a second value as operands
  • Each computing step may combine a plurality of values among: said first masked value, said second masked value, said first value masked by said second Boolean mask, said second value masked by said first Boolean mask, said first value masked with said second masked value as Boolean mask, said second value masked with said first masked value as Boolean mask, said first boolean mask, and said second boolean mask.
  • said computing steps comprise:
  • said computing steps comprise:
  • said computing steps comprise:
  • Such methods enable to perform said arithmetic operation on values masked by Boolean masks in a number of elementary operations that does not depend on the size of the operands of the operation, while keeping at all times all intermediate values and result values masked and therefore protected against a side channel attack.
  • Such methods may comprise blinding two values among the first, second and third intermediate values computed during said first, second and third computing steps using a random value.
  • Such an additional blinding enables to increase even more the protection of the method against side channel analysis.
  • the step of blinding an intermediate value may comprise:
  • the cryptographic algorithm may perform functions among a hash function, a block cipher and a stream cipher.
  • the hash function may be among MD5, SHA1, SHA256, SHA512, Skein functions
  • the block cipher may be among XTEA, FEAL, SPECK, Threefish functions and/or the stream cipher may be among Salsa20, ChaCha functions.
  • this invention therefore relates also to a computer program product directly loadable into the memory of at least one computer, comprising software code instructions for performing the steps of the methods according to the first aspect when said product is run on the computer.
  • this invention therefore relates also to a non-transitory computer readable medium storing executable computer code that when executed by a cryptographic device comprising a processing system having at least one hardware processor performs the methods according to the first aspect.
  • this invention therefore relates also to a cryptographic device comprising:
  • FIG. 1 is a schematic illustration of a system according to an embodiment of the present invention
  • FIG. 2 is a schematic illustration of a cryptographic device according to an embodiment of the present invention.
  • FIGS. 3, 3 a , 3 b , 3 c illustrate schematically a method according the present invention and several embodiments of the present invention.
  • the invention aims at providing a method performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations, in a way that is secured against side channel attacks.
  • This cryptographic algorithm may perform functions comprising both types of operations, such as a hash function, like MD5, SHA1, SHA256, SHA512 or Skein functions, a block cipher like XTEA, FEAL, SPECK (https://eprint.iacr.org/2013/404.pdf) or Threefish functions, or a stream cipher like Salsa20 or ChaCha functions.
  • this method is performed by a cryptographic device 101 .
  • a cryptographic device 101 may be connected to a personal computer or server 102 operated by a user and sending commands to the cryptographic device for cryptographic operations such as data encryption or decryption.
  • the cryptographic device 101 may be embedded in the computer 102 .
  • the cryptographic device 101 may include or be a tamper resistant device 103 secured against any unauthorized access including a processing system having at least one hardware processor for performing cryptographic operations, and at least one memory configured for storing the data needed for such operations, such as operands, intermediate results, mask values . . . .
  • a cryptographic device may for example be a smartcard reader housing a smartcard device, or an electronic device, such as a smartphone, including an embedded smartchip.
  • the cryptographic device 101 may include a processing system 201 having at least one hardware processor, connected via a bus 202 to a computer readable memory circuit including a random access memory (RAM) 203 , a read-only memory (ROM) 204 , and/or a non-volatile memory (NVM) 205 .
  • the cryptographic device 101 may also include a random number generator (RNG) 206 , included in the hardware processor or connected to it via the bus.
  • the cryptographic device 101 may further include an interface 207 used to connect the cryptographic device 101 to the computer 102 .
  • Such an interface may be either a wired interface such as a USB, Ethernet or Thunderbolt interface, or a wireless interface, such as a Bluetooth interface.
  • the interface 207 may also be used to connect the cryptographic device 101 to a wireless network, e.g., wide-area networks, WiFi networks, or mobile telephony networks through which communication may be performed with the computer 102 .
  • the “+” sign will be used to represent said arithmetic operation and the “modulo 2 ⁇ circumflex over ( ) ⁇ k” will be omitted.
  • the aim of the method is to compute the result of the arithmetic operation having said first value x and said second value y as operands, for example x+y. In order to keep the result secured against side channel analysis, it shall be provided under a masked state.
  • the method according to the invention is designed to be used when an arithmetic operation shall be performed after a Boolean operation of the cryptographic algorithm mixing Boolean and arithmetic operations has been performed and has outputted values masked by Boolean masks. Therefore, during a first step S 1 , the cryptographic device 101 shall obtain the operands of the operation x and y, masked by Boolean masks.
  • the expression “value masked by a Boolean mask” or “boolean masked value” is used to describe the result of performing a Boolean operation, such as a Boolean exclusive OR operation, XOR, between the value to be masked and another value to be used as mask.
  • a Boolean mask For example, masking a value v by a Boolean mask m produces a Boolean masked value v xor m.
  • the expression “masked by an arithmetic mask” is used to describe the result of performing an arithmetic operation, noted by the sign “+” as mentioned here above, such as an addition or subtraction, between a value to be masked and another value to be used as mask.
  • the value to be used as mask is called an arithmetic mask.
  • masking a value v by an arithmetic mask n produces a masked value v+n.
  • the cryptographic device 101 shall obtain:
  • Such values may for example be read from the RAM 203 , the ROM 204 , and/or the NVM 205 of the cryptographic device 101 .
  • the cryptographic device may perform in any order a plurality of computing steps combining values among the first masked value x′, the second masked value y′, the first Boolean mask r x and the second Boolean mask r y to obtain a boolean masked result equal to the result of the arithmetic operation having the first value x and the second value y as operands, masked by a third boolean mask r x xor r y resulting from performing a XOR operation between the first Boolean mask r x and the second Boolean mask r y .
  • such computing steps compute the value (x+y) xor (r x xor r y ).
  • These computing steps are executed by the hardware processor of the cryptographic device by performing a constant number of elementary operations whatever the bit-size of the first and second values x and y.
  • Performing an elementary operation may require performing one or more basic CPU instructions, depending on the number of basic CPU instructions required for applying the operation to operands of a given bit-size, which itself depends on the size of the registers and the buses of the hardware processor. For example a 32-bit processor may need only one basic instruction for performing an elementary operation on operands of a size up to 32 bits; but it may require at least two basic instructions for performing the same elementary operation on operands of a bigger size.
  • these computing steps may be executed by the hardware processor of the cryptographic device by performing a first constant number of elementary operations when operands x and y have a bit-size lower or equal than the size of the registers and the buses of the hardware processor; they may be executed by the hardware processor of the cryptographic device by performing a second constant number of elementary operations when operands x and y have a bit-size between this registers/buses size and twice that size; and so on . . . .
  • the cryptographic device outputs said boolean masked result of the arithmetic operation between said first value x and said second value y.
  • This boolean masked result is equal to (x+y) xor (r x xor r y ).
  • the cryptographic device may combine, at each computing step, a plurality of values among the first masked value x′, the second masked value y′, the first value x masked by the second Boolean mask r y , the second value y masked by the first Boolean mask r x , the first value x masked by the second masked value y′ as Boolean mask, the second value y masked by the first masked value x′ as Boolean mask, the first boolean mask r x , and the second boolean mask r y
  • the second step S 2 comprises:
  • the Boolean masked result (x+y) xor (r x xor r y ) is computed, from the values obtained during the first step S 1 , by performing only nine elementary operations (7 XOR and 2 arithmetic operations), whatever the bit-size of the first and second values, x and y, may be.
  • the second step S 2 comprises:
  • the Boolean masked result (x+y) xor (r x xor r y ) is also computed, from the values obtained during the first step S 1 , by performing only nine elementary operations (7 XOR and 2 arithmetic operations), whatever the bit-size of the first and second values, x and y, may be.
  • the second step S 2 comprises:
  • first value x unmasked In order to avoid manipulating the first value x unmasked, it may be replaced in the formula above by x′ xor r x .
  • the Boolean masked result (x+y) xor (r x xor r y ) is also computed, from the values obtained during the first step S 1 , by performing only nine elementary operations (7 XOR and 2 arithmetic operations), whatever the bit-size of the first and second values, x and y, may be.
  • two values among the first, second and third intermediate values A, B and C computed during the first, second and third computing steps may be blinded by a random value Rand.
  • the method may comprise a blinding step S 25 , during which the cryptographic device arithmetically masks two values among the first, second and third intermediate values by performing an arithmetic operation with the random value Rand.
  • the cryptographic device performs:
  • the cryptographic device performs:
  • the cryptographic device performs:
  • the cryptographic device shall, in addition during the blinding step S 25 , perform an arithmetic masking to boolean masking conversion of these arithmetically masked intermediate values into Boolean masked intermediate values masked by the random value Rand. Such a conversion may be performed using a conversion function CONV.
  • the cryptographic device shall turn values A+Rand and B+Rand into A xor Rand and B xor Rand.
  • the cryptographic device performs:
  • the cryptographic device performs:
  • the cryptographic device performs:
  • the conversion function CONV may be a precomputed Look-Up Table. But such a precomputed LUT performing a masking conversion may become very large as the bit-size k of the first and second intermediate values A and B, and of the first and second values x and y, increases.
  • masking conversion of A+Rand or B+Rand may be performed by processing in parallel chuncks of size s.
  • A A m ⁇ 1
  • a 0 and D D m ⁇ 1
  • D xor Rand D m ⁇ 1 xor mini-rand
  • the second step S 2 comprises the following computations, using the same notations as above:
  • this invention therefore relates also to a computer program product directly loadable into the memory of at least one computer, comprising software code instructions for performing the steps of the methods according to the first aspect when said product is run on the computer.
  • this invention therefore relates also to a non-transitory computer readable medium storing executable computer code that when executed by a cryptographic device comprising a processing system having at least one hardware processor performs the methods according to the first aspect.
  • this invention therefore relates also to a cryptographic device 101 comprising:

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Storage Device Security (AREA)
  • Executing Machine-Instructions (AREA)

Abstract

The present invention relates to a method secured against side channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations, wherein said method is performed by a cryptographic device comprising a processing system having at least one hardware processor, and said operation has a first value (x) and a second value (y) as operands, comprising: —obtaining (S1) a first masked value (x′), a second masked value (y′), a first Boolean mask (rx), a second Boolean mask (ry), said first masked value (x′) resulting from masking said first value (x) by said first Boolean mask (rx) by performing a Boolean exclusive OR (XOR) operation between said first value (x) and said first Boolean mask (rx), and said second masked value (y′) resulting from masking said second value (y) by said second Boolean mask (ry) by performing a Boolean exclusive OR (XOR) operation between said second value (y) and said second Boolean mask (ry), —performing (S2) in any order a plurality of computing steps combining values among said first masked value (x′), said second masked value (y′), said first Boolean mask (rx) and said second Boolean mask (ry) to obtain a boolean masked result equal to the result of the arithmetic operation having said first value (x) and said second value (y) as operands, masked by a third boolean mask (rx xor ry) resulting from performing said Boolean exclusive OR (XOR) operation between said first Boolean mask (rx) and said second Boolean mask (ry) ((x+y) xor (rx xor ry)), wherein said computing steps perform Boolean exclusive OR (XOR) operations or arithmetic operations between said values without disclosing any information relative to the first and second values and, wherein said computing steps are executed by the hardware processor by performing a constant number of elementary operations whatever the bit-size of said first and second values, —outputting (S3) said boolean masked result of the arithmetic operation between said first value (x) and said second value (y).

Description

FIELD OF THE INVENTION
The present invention relates to the field of cryptographic methods and devices protected against side channel analysis, and more particularly to protecting against side-channel attacks a cryptographic algorithm mixing Boolean and arithmetic operations.
BACKGROUND OF THE INVENTION
Cryptographic algorithms are commonly used for ensuring the privacy of communications by encryption, for authentication or for generating a verifiable signature. Such cryptographic algorithms are sensitive to side-channel attacks, based on an analysis of the power consumption or electromagnetic signature of the device performing the encryption.
A commonly used countermeasure against side-channel attacks is the masking of the intermediate values of an encryption process with a random mask. In that case, an attacker performing a side-channel attack at a given point of the encryption process would only get random values and would not obtain any information on the secret key used for the cryptographic process.
Some cryptographic algorithms may mix Boolean and arithmetic operations such as MD5 or SHA hash functions or some block cipher algorithms. Since arithmetic operations and Boolean operations are not commutative, arithmetic masking and Boolean masking are not compatible and keeping all intermediate results of such algorithms masked may prove difficult: obtaining a masked result of an arithmetic operation between two values requires more than just performing said arithmetic operation on these two values masked by Boolean masks.
A first way to deal with such an issue is to perform conversion between Arithmetic and Boolean masking when needed for having intermediate values masked using the kind of masking compatible with the next operation to be performed. Such an approach was proposed for example in L. Goubin “A sound method for switching between Boolean and Arithmetic masking”. The main drawback of such an approach is its cost for performing Arithmetic to Boolean masking, which depends linearly on the size of the values and masks to be handled. The method was improved using precomputation of tables, such as in J. S. Coron, A. Tchulkine “A new algorithm for switching from arithmetic to boolean masking”. Nevertheless, the global computation time of such a method still strongly depends on the values and masks to be handled.
Another approach was proposed in EP2884387B1, in which operands of an arithmetic operation to be performed are redefined in order to accept as input values masked using a Boolean mask and to output the result of this arithmetic operation applied to the corresponding unmasked input values, masked by another Boolean mask. Nevertheless, the proposed algorithm also requires for defining such an operator a number of operations linearly depending on the size of the input values and of the masks to be processed.
As a result, there is a need for a method enabling to perform an arithmetic operation on values masked by Boolean masks and requiring to perform a reduced number of operations.
SUMMARY OF THE INVENTION
For this purpose and according to a first aspect, this invention therefore relates to a method secured against side channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations,
wherein said method is performed by a cryptographic device comprising a processing system having at least one hardware processor, and said operation has a first value and a second value as operands,
comprising:
    • obtaining a first masked value, a second masked value, a first Boolean mask, a second Boolean mask,
    • said first masked value resulting from masking said first value by said first Boolean mask by performing a Boolean exclusive OR (XOR) operation between said first value and said first Boolean mask,
    • and said second masked value resulting from masking said second value by said second Boolean mask by performing a Boolean exclusive OR (XOR) operation between said second value and said second Boolean mask,
    • performing in any order a plurality of computing steps combining values among said first masked value, said second masked value, said first Boolean mask and said second Boolean mask to obtain a boolean masked result equal to the result of the arithmetic operation having said first value and said second value as operands, masked by a third boolean mask resulting from performing said Boolean exclusive OR (XOR) operation between said first Boolean mask and said second Boolean mask,
    • wherein said computing steps perform Boolean exclusive OR (XOR) operations or arithmetic operations between said values without disclosing any information relative to the first and second values and,
    • wherein said computing steps are executed by the hardware processor by performing a constant number of elementary operations whatever the bit-size of said first and second values,
    • outputting said boolean masked result of the arithmetic operation between said first value and said second value.
Each computing step may combine a plurality of values among: said first masked value, said second masked value, said first value masked by said second Boolean mask, said second value masked by said first Boolean mask, said first value masked with said second masked value as Boolean mask, said second value masked with said first masked value as Boolean mask, said first boolean mask, and said second boolean mask.
According to a first embodiment, said computing steps comprise:
    • a first computing step computing a first intermediate value A from said first masked value x′, said second boolean mask ry, said second masked value y′ and said first boolean mask rx such that A=(x′ xor ry)+(y′ xor rx),
    • a second computing step computing a second intermediate value B from said first masked value x′, said second masked value y′, said first boolean mask rx, and said second boolean mask ry such that B=(x′ xor y′)+(rx xor ry),
    • a third computing step computing a third intermediate value C from said first masked value x′, said second masked value y′ such that C=x′ xor y′,
    • a fourth computing step computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR (XOR) operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a subtraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said boolean exclusive OR operation.
According to a second embodiment, said computing steps comprise:
    • a first computing step computing a first intermediate value A from said first boolean mask rx, and said second value y masked with said first masked value x′ as Boolean mask such that A=rx+(y xor x′),
    • a second computing step computing a second intermediate value B from said first masked value x′ and said second value y masked by said first Boolean mask rx such that B=x′+(y xor rx),
    • a third computing step computing a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
    • a fourth computing step computing said boolean masked result of the arithmetic operation between said first value x and said second value y by performing said boolean exclusive OR operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a subtraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said boolean exclusive OR operation.
According to a third embodiment, said computing steps comprise:
    • a first computing step computing a first intermediate value A from said second boolean mask ry and said first value x masked with said second masked value y′ as Boolean mask such that A=ry+(x xor y′),
    • a second computing step computing a second intermediate value B from said second masked value y′ and said first value x masked by said second Boolean mask ry such that B=y′+(x xor ry),
    • a third computing step computing a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
    • a fourth computing step computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a subtraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said Boolean exclusive OR operation.
Such methods enable to perform said arithmetic operation on values masked by Boolean masks in a number of elementary operations that does not depend on the size of the operands of the operation, while keeping at all times all intermediate values and result values masked and therefore protected against a side channel attack.
Such methods may comprise blinding two values among the first, second and third intermediate values computed during said first, second and third computing steps using a random value.
Such an additional blinding enables to increase even more the protection of the method against side channel analysis.
The step of blinding an intermediate value may comprise:
    • arithmetically masking said intermediate value by performing an arithmetic operation with said random value,
    • and performing an arithmetic masking to boolean masking conversion of said arithmetically masked intermediate value into a Boolean masked intermediate value masked by the random value using a precomputed table.
The cryptographic algorithm may perform functions among a hash function, a block cipher and a stream cipher.
The hash function may be among MD5, SHA1, SHA256, SHA512, Skein functions, the block cipher may be among XTEA, FEAL, SPECK, Threefish functions and/or the stream cipher may be among Salsa20, ChaCha functions.
According to a second aspect, this invention therefore relates also to a computer program product directly loadable into the memory of at least one computer, comprising software code instructions for performing the steps of the methods according to the first aspect when said product is run on the computer.
According to a third aspect, this invention therefore relates also to a non-transitory computer readable medium storing executable computer code that when executed by a cryptographic device comprising a processing system having at least one hardware processor performs the methods according to the first aspect.
According to a fourth aspect, this invention therefore relates also to a cryptographic device comprising:
    • a processing system having at least one hardware processor (201) configured to perform the methods according to the first aspect,
    • at least one memory for storing the first and second masked values and the results of the calculations performed during the different computing steps.
BRIEF DESCRIPTION OF THE DRAWINGS
The following description and the annexed drawings set forth in detail certain illustrative aspects and are indicative of but a few of the various ways in which the principles of the embodiments may be employed. Other advantages and novel features will become apparent from the following detailed description when considered in conjunction with the drawings and the disclosed embodiments are intended to include all such aspects and their equivalents.
FIG. 1 is a schematic illustration of a system according to an embodiment of the present invention;
FIG. 2 is a schematic illustration of a cryptographic device according to an embodiment of the present invention;
FIGS. 3, 3 a, 3 b, 3 c illustrate schematically a method according the present invention and several embodiments of the present invention.
 DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION
In the description detailed below, reference is made to the accompanying drawings that show, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It is to be understood that the various embodiments of the invention, although different, are not necessarily mutually exclusive. For example, a particular feature, structure, or characteristic described herein in connection with one embodiment may be implemented within other embodiments without departing from the spirit and scope of the invention. In addition, it is to be understood that the location or arrangement of individual elements within each disclosed embodiment may be modified without departing from the spirit and scope of the invention. The description detailed below is, therefore, not to be taken in a limiting sense, and the scope of the present invention is defined only by the appended claims, appropriately interpreted, along with the full range of equivalents to which the claims are entitled.
The invention aims at providing a method performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations, in a way that is secured against side channel attacks. This cryptographic algorithm may perform functions comprising both types of operations, such as a hash function, like MD5, SHA1, SHA256, SHA512 or Skein functions, a block cipher like XTEA, FEAL, SPECK (https://eprint.iacr.org/2013/404.pdf) or Threefish functions, or a stream cipher like Salsa20 or ChaCha functions.
As depicted on FIG. 1, this method, and possibly the other steps of the cryptographic algorithm, is performed by a cryptographic device 101. Such a cryptographic device 101 may be connected to a personal computer or server 102 operated by a user and sending commands to the cryptographic device for cryptographic operations such as data encryption or decryption. Alternatively, the cryptographic device 101 may be embedded in the computer 102.
The cryptographic device 101 may include or be a tamper resistant device 103 secured against any unauthorized access including a processing system having at least one hardware processor for performing cryptographic operations, and at least one memory configured for storing the data needed for such operations, such as operands, intermediate results, mask values . . . . Such a cryptographic device may for example be a smartcard reader housing a smartcard device, or an electronic device, such as a smartphone, including an embedded smartchip.
As depicted on FIG. 2, the cryptographic device 101 may include a processing system 201 having at least one hardware processor, connected via a bus 202 to a computer readable memory circuit including a random access memory (RAM) 203, a read-only memory (ROM) 204, and/or a non-volatile memory (NVM) 205. The cryptographic device 101 may also include a random number generator (RNG) 206, included in the hardware processor or connected to it via the bus. The cryptographic device 101 may further include an interface 207 used to connect the cryptographic device 101 to the computer 102. Such an interface may be either a wired interface such as a USB, Ethernet or Thunderbolt interface, or a wireless interface, such as a Bluetooth interface. The interface 207 may also be used to connect the cryptographic device 101 to a wireless network, e.g., wide-area networks, WiFi networks, or mobile telephony networks through which communication may be performed with the computer 102.
The following paragraphs describe, as depicted on FIG. 3, the steps of a method secured against side channel attacks and performing an arithmetic operation of the cryptographic algorithm mixing Boolean and arithmetic operations, performed by the cryptographic device 101 according to a first aspect of the invention.
Such an operation may for example be an addition or an subtraction modulo 2{circumflex over ( )}k with k>=1 an integer, for example equal to 8, 16, 32 or 64. It is performed between a first value x and a second value y as operands, said operands having a bit-size equal to k. For simplicity, in the formula given in the next paragraphs, the “+” sign will be used to represent said arithmetic operation and the “modulo 2{circumflex over ( )}k” will be omitted. This means that the aim of the method is to compute the result of the arithmetic operation having said first value x and said second value y as operands, for example x+y. In order to keep the result secured against side channel analysis, it shall be provided under a masked state.
The method according to the invention is designed to be used when an arithmetic operation shall be performed after a Boolean operation of the cryptographic algorithm mixing Boolean and arithmetic operations has been performed and has outputted values masked by Boolean masks. Therefore, during a first step S1, the cryptographic device 101 shall obtain the operands of the operation x and y, masked by Boolean masks.
In the following paragraphs, the expression “value masked by a Boolean mask” or “boolean masked value” is used to describe the result of performing a Boolean operation, such as a Boolean exclusive OR operation, XOR, between the value to be masked and another value to be used as mask. In that case, the value to be used as mask is called a Boolean mask. For example, masking a value v by a Boolean mask m produces a Boolean masked value v xor m.
Similarly, the expression “masked by an arithmetic mask” is used to describe the result of performing an arithmetic operation, noted by the sign “+” as mentioned here above, such as an addition or subtraction, between a value to be masked and another value to be used as mask. In that case, the value to be used as mask is called an arithmetic mask. For example, masking a value v by an arithmetic mask n produces a masked value v+n.
During the first step S1, the cryptographic device 101 shall obtain:
a first Boolean masked value x′, then called first masked value, resulting from masking the first value x by a first Boolean mask rx, by performing a Boolean exclusive OR, XOR, operation between the first value x and the first Boolean mask rx: x′=x XOR rx,
a second Boolean masked value y′, then called second masked value, resulting from masking the second value y by the second Boolean mask ry, by performing a Boolean exclusive OR, XOR, operation between the second value y and the second Boolean mask ry: y′=y XOR ry,
the first Boolean mask rx and the second Boolean mask ry. Such values may for example be read from the RAM 203, the ROM 204, and/or the NVM 205 of the cryptographic device 101.
Then, during a second step S2, the cryptographic device may perform in any order a plurality of computing steps combining values among the first masked value x′, the second masked value y′, the first Boolean mask rx and the second Boolean mask ry to obtain a boolean masked result equal to the result of the arithmetic operation having the first value x and the second value y as operands, masked by a third boolean mask rx xor ry resulting from performing a XOR operation between the first Boolean mask rx and the second Boolean mask ry. Said differently, such computing steps compute the value (x+y) xor (rx xor ry).
These computing steps perform XOR operations or arithmetic operations between said combined values without disclosing any information relative to the first and second values x and y, which means that they manipulate masked values only.
These computing steps are executed by the hardware processor of the cryptographic device by performing a constant number of elementary operations whatever the bit-size of the first and second values x and y.
Performing an elementary operation, such as a “+” or a XOR operation, may require performing one or more basic CPU instructions, depending on the number of basic CPU instructions required for applying the operation to operands of a given bit-size, which itself depends on the size of the registers and the buses of the hardware processor. For example a 32-bit processor may need only one basic instruction for performing an elementary operation on operands of a size up to 32 bits; but it may require at least two basic instructions for performing the same elementary operation on operands of a bigger size.
Consequently, assuming that a X-bit processor needs only Y basic instruction for performing an elementary operation on operands of a size up to Y*X bits, these computing steps may be executed by the hardware processor of the cryptographic device by performing a first constant number of elementary operations when operands x and y have a bit-size lower or equal than the size of the registers and the buses of the hardware processor; they may be executed by the hardware processor of the cryptographic device by performing a second constant number of elementary operations when operands x and y have a bit-size between this registers/buses size and twice that size; and so on . . . .
Then, during a third step S3, the cryptographic device outputs said boolean masked result of the arithmetic operation between said first value x and said second value y. This boolean masked result is equal to (x+y) xor (rx xor ry).
During the second step S2, in order to compute said Boolean masked result, the cryptographic device may combine, at each computing step, a plurality of values among the first masked value x′, the second masked value y′, the first value x masked by the second Boolean mask ry, the second value y masked by the first Boolean mask rx, the first value x masked by the second masked value y′ as Boolean mask, the second value y masked by the first masked value x′ as Boolean mask, the first boolean mask rx, and the second boolean mask ry
In a first embodiment, as depicted on FIG. 3a , the second step S2 comprises:
    • a first computing step S21 during which the cryptographic device computes a first intermediate value A from said first masked value x′, said second boolean mask ry, said second masked value y′ and said first boolean mask rx such that A=(x′ xor ry)+(y′ xor rx),
    • a second computing step S22 during which the cryptographic device computes a second intermediate value B from said first masked value x′, said second masked value y′, said first boolean mask rx, and said second boolean mask ry such that B=(x′ xor y′)+(rx xor ry),
    • a third computing step S23 during which the cryptographic device computes a third intermediate value C from said first masked value x′, said second masked value y′ such that C=x′ xor y′,
    • a fourth computing step S24 during which the cryptographic device computes said boolean masked result of the arithmetic operation between said first value x and said second value y by performing said XOR operation between said first, second, and third intermediate values. Said differently, the cryptographic device computes A xor B xor C which is equal to (x+y) xor (rx xor ry).
In this first embodiment, the Boolean masked result (x+y) xor (rx xor ry) is computed, from the values obtained during the first step S1, by performing only nine elementary operations (7 XOR and 2 arithmetic operations), whatever the bit-size of the first and second values, x and y, may be.
In a second embodiment, as depicted on FIG. 3b , the second step S2 comprises:
    • a first computing step S21′ during which the cryptographic device computes a first intermediate value A from said first boolean mask rx, and said second value y masked by said first masked value x′ as Boolean mask such that A=rx+(y xor x′),
    • a second computing step S22′ during which the cryptographic device computes a second intermediate value B from said first masked value x′ and said second value y masked by said first Boolean mask rx such that B=x′+(y xor rx),
    • a third computing step S23′ during which the cryptographic device computes a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
    • a fourth computing step S24′ during which the cryptographic device computes said boolean masked result of the arithmetic operation between said first value x and said second value y by performing a XOR operation between the first, second, and third intermediate values. Said differently, the cryptographic device computes A xor B xor C which is equal to (x+y) xor (rx xor ry).
In order to avoid manipulating the second value y unmasked, it may be replaced in the formula above by y′ xor ry. In order to avoid computing the unmasked second value y at any time, computations may be performed in the following order during the first computing step S21′: A=rx+((y′ xor x′) xor ry) and during the second computing step S22′: B=x′+((y′ xor rx) xor ry). In that case, in this second embodiment, the Boolean masked result (x+y) xor (rx xor ry) is also computed, from the values obtained during the first step S1, by performing only nine elementary operations (7 XOR and 2 arithmetic operations), whatever the bit-size of the first and second values, x and y, may be.
In a third embodiment, as depicted on FIG. 3c , the second step S2 comprises:
    • a first computing step S21″ during which the cryptographic device computes a first intermediate value A from said second boolean mask ry and said first value x masked with said second masked value y′ as Boolean mask such that A=ry+(x xor y′),
    • a second computing step S22″ during which the cryptographic device computes a second intermediate value B from said second masked value y′ and said first value x masked by said second Boolean mask ry such that B=y′+(x xor ry),
    • a third computing step S23″ during which the cryptographic device computes a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
    • a fourth computing step S24″ during which the cryptographic device computes said boolean masked result of the arithmetic operation between said first value x and said second value y by performing a XOR operation between said first, second, and third intermediate values. Said differently, the cryptographic device computes A xor B xor C which is equal to (x+y) xor (rx xor ry).
In order to avoid manipulating the first value x unmasked, it may be replaced in the formula above by x′ xor rx. In order to avoid computing the unmasked first value x at any time, computations may be performed in the following order during the first computing step S21″: A=ry+((x′ xor y′) xor rx) and during the second computing step S22″: B=y′+((x′ xor ry) xor rx). In that case, in this second embodiment, the Boolean masked result (x+y) xor (rx xor ry) is also computed, from the values obtained during the first step S1, by performing only nine elementary operations (7 XOR and 2 arithmetic operations), whatever the bit-size of the first and second values, x and y, may be.
In order to increase even more the protection of the method against side channel analysis, two values among the first, second and third intermediate values A, B and C computed during the first, second and third computing steps may be blinded by a random value Rand.
In order to do so, the method may comprise a blinding step S25, during which the cryptographic device arithmetically masks two values among the first, second and third intermediate values by performing an arithmetic operation with the random value Rand.
In the next paragraphs the sign “←” is used to describe value allocation and the first and second intermediate values are the ones arithmetically masked, as an example.
In the first embodiment, the cryptographic device performs:
    • A←A+Rand, ie finally A=(x′ xor ry)+(y′ xor rx)+Rand, and
    • B←B+Rand, ie finally B=(x′ xor y′)+(rx xor ry)+Rand
In the second embodiment, the cryptographic device performs:
    • A←A+Rand, ie finally A=rx+(y xor x′)+Rand, and
    • B←B+Rand, ie finally B=x′+(y xor rx)+Rand
In the third embodiment, the cryptographic device performs:
    • A←A+Rand, ie finally A=ry+(x xor y′)+Rand, and
    • B←B+Rand, ie finally B=y′+(x xor ry)+Rand
In order to be able to obtain the boolean masked result (x+y) xor (rx xor ry) from the operation A xor B xor C during the fourth computing step, the cryptographic device shall, in addition during the blinding step S25, perform an arithmetic masking to boolean masking conversion of these arithmetically masked intermediate values into Boolean masked intermediate values masked by the random value Rand. Such a conversion may be performed using a conversion function CONV.
Said differently, the cryptographic device shall turn values A+Rand and B+Rand into A xor Rand and B xor Rand.
In the first embodiment, the cryptographic device performs:
    • A←CONV(A), ie finally A=(x′ xor ry)+(y′ xor rx) xor Rand, and
    • B←CONV(B), ie finally B=(x′ xor y′)+(rx xor ry) xor Rand
In the second embodiment, the cryptographic device performs:
    • A←CONV(A), ie finally A=rx+(y xor x′) xor Rand, and
    • B←CONV(B), ie finally B=x′+(y xor rx) xor Rand
In the third embodiment, the cryptographic device performs:
    • A←CONV(A), ie finally A=ry+(x xor y′) xor Rand, and
    • B←CONV(B), ie finally B=y′+(x xor ry) xor Rand.
By doing so, when performing A xor B xor C in the fourth computing step, Boolean masking of A and B by Rand cancel each other and the operation provides the boolean masked result (x+y) xor (rx xor ry) as expected.
The conversion function CONV may be a precomputed Look-Up Table. But such a precomputed LUT performing a masking conversion may become very large as the bit-size k of the first and second intermediate values A and B, and of the first and second values x and y, increases.
It is possible to perform such a conversion using a precomputed LUT T of limited size when the bit-size k of the first and second values x and y is a multiple of another lower integer value: k=m*s. In that case the random value may be chosen as the result of concatenating m times another random value mini-rand of size s:
Rand=mini-rand|mini-rand| . . . |mini-rand m times.
Then, masking conversion of A+Rand or B+Rand may be performed by processing in parallel chuncks of size s. The values to be converted may be sliced in chuncks of such a size s and each chunck may be converted by applying a conversion LUT T converting an input value of size s arithmetically masked by mini-rand into the same value Boolean masked by mini-rand: T(Z+mini-rand)=Z xor mini-rand for any value Z of size s.
An example is given here of the conversion of the first intermediate value A. After blinding this value with the random value Rand, the first intermediate value is under the form A=D+Rand, the actual value of D depending on the embodiment.
By slicing it into chuncks Ai, Di of size s, A and D may be written
A=Am−1|Am−2| . . . |A1|A0 and D=Dm−1|Dm−2| . . . |D1|D0
With Ai=Dii+mini-rand+ci
With c0=0
and ci the carry from the previous chuncki−1 for i>0:
    • ci=1 if Ai−1<mini-rand
    • ci=0 if Ai−1>=mini-rand
The result of the masking conversion to be obtained is D xor Rand=Dm−1 xor mini-rand|Dm−2 xor mini-rand| . . . |D1 xor mini-rand|D0 xor mini-rand.
In order to obtain such a result, the blinding step S25 may include computing a concatenation of the values equal to T(Ai−ci) with 0<=i<m.
Indeed T(Ai−ci)=T(Di+mini-rand)=Di xor mini-rand
An example of implementation of the first embodiment is now given in which the length of the first and second values is 32 bits, the mini-rand r is 8 bit long.
In this implementation, the second step S2 comprises the following computations, using the same notations as above:
1. C x′←xor y′
2. E←rx xor ry
3. F←C+Rand
4. B←E+F B being arithmetically masked by Rand
5. c0←0
6. From i from 0 to m−1
    • a. DBi←T(Bi−ci mod 2k/m)
    • b. If Bi<mini-rand, then ci+1=1
    • c. else if Bi>mini-rand, ci+1=0
7. G←C xor DB with DB=DB m−1|DB m−2| . . . |DB 1|DB 0
8. H←rx xor y′
9. L←ry xor x′
10. M←H+Rand
11. A←L+M A being arithmetically masked by Rand
12. c0←0
13. From i from 0 to m−1
    • a. DAi←T(Ai−ci mod 2k/m)
    • b. If Ai<mini-rand, then ci+1=1
    • c. else if Ai>mini-rand, ci+1=0
14. R←DA xor G with DA=DA m−1|DA m−2| . . . |DA 1|DA 0
15. Return(R)
According to a second aspect, this invention therefore relates also to a computer program product directly loadable into the memory of at least one computer, comprising software code instructions for performing the steps of the methods according to the first aspect when said product is run on the computer.
According to a third aspect, this invention therefore relates also to a non-transitory computer readable medium storing executable computer code that when executed by a cryptographic device comprising a processing system having at least one hardware processor performs the methods according to the first aspect.
According to a fourth aspect, this invention therefore relates also to a cryptographic device 101 comprising:
    • a processing system having at least one hardware processor 201 configured to perform the steps of the methods according to the first aspect,
    • at least one memory for storing the first and second masked values and the results of the calculations performed during the different computing steps.

Claims (27)

The invention claimed is:
1. A method secured against side channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations,
wherein said method is performed by a cryptographic device (101) comprising a processing system (201) having at least one hardware processor, and said operation has a first value (x) and a second value (y) as operands, wherein computing steps performing said arithmetic operation being a mix of Boolean and arithmetic operations between said first value (x) and said second value (y) are performed without directly operating on the first value (x) and the second value (y) and therefore not being susceptible to revealing information concerning the first value (x) or the second value (y), the method comprising:
obtaining (S1) a first masked value (x′), a second masked value (y′), a first Boolean mask (rx), a second Boolean mask (ry), said first masked value (x′) resulting from masking said first value (x) by said first Boolean mask (rx) by performing a Boolean exclusive OR (XOR) operation between said first value (x) and said first Boolean mask (rx), and said second masked value (y′) resulting from masking said second value (y) by said second Boolean mask (ry) by performing a Boolean exclusive OR (XOR) operation between said second value (y) and said second Boolean mask (ry),
performing (S2) in any order a plurality of computing steps combining values among said first masked value (x′), said second masked value (y′), said first Boolean mask (rx) and said second Boolean mask (ry) to obtain a boolean masked result equal to the result of the arithmetic operation having said first value (x) and said second value (y) as operands, masked by a third boolean mask (rx xor ry) resulting from performing said Boolean exclusive OR (XOR) operation between said first Boolean mask (rx) and said second Boolean mask (ry) ((x+y) xor (rx xor ry)),
wherein said computing steps comprise a constant number of elementary operations whatever the bit-size of said first and second values,
outputting (S3) said boolean masked result of the arithmetic operation between said first value (x) and said second value (y).
2. The method of claim 1, wherein each computing step (S2) combines a plurality of values among: said first masked value (x′), said second masked value (y′), said first value (x) masked by said second Boolean mask (ry), said second value (y) masked by said first Boolean mask (rx), said first value (x) masked with said second masked value (y′) as Boolean mask, said second value (y) masked with said first masked value (x′) as Boolean mask, said first boolean mask (rx), and said second boolean mask (ry).
3. The method of claim 2, wherein said computing steps (S2) comprise:
a first computing step (S21) computing a first intermediate value A from said first masked value x′, said second boolean mask ry, said second masked value y′ and said first boolean mask rx such that A=(x′ xor ry)+(y′ xor rx),
a second computing step (S22) computing a second intermediate value B from said first masked value x′, said second masked value y′, said first boolean mask rx, and said second boolean mask ry such that B=(x′ xor y′)+(rx xor ry),
a third computing step (S23) computing a third intermediate value C from said first masked value x′, said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR (XOR) operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said boolean exclusive OR operation.
4. The method of claim 2, wherein said computing steps (S2) comprise:
a first computing step (S21′) computing a first intermediate value A from said first boolean mask rx, and said second value y masked with said first masked value x′ as Boolean mask such that A=rx+(y xor x′),
a second computing step (S22′) computing a second intermediate value B from said first masked value x′ and said second value y masked by said first Boolean mask rx such that B=x′+(y xor rx),
a third computing step (S23′) computing a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24′) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said boolean exclusive OR operation.
5. The method of claim 2, wherein said computing steps comprise:
a first computing step (S21″) computing a first intermediate value A from said second boolean mask ry and said first value x masked with said second masked value y′ as Boolean mask such that A=ry+(x xor y′),
a second computing step (S22″) computing a second intermediate value B from said second masked value y′ and said first value x masked by said second Boolean mask ry such that B=y′+(x xor ry),
a third computing step (S23″) computing a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24″) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said Boolean exclusive OR operation.
6. The method of claim 1, comprising blinding (S25) two values among the first, second and third intermediate values (A, B, C) computed during said first, second and third computing steps using a random value (rand).
7. The method of claim 6, wherein the step of blinding an intermediate value comprises:
arithmetically masking said intermediate value by performing an arithmetic operation with said random value (rand)
and performing an arithmetic masking to boolean masking conversion of said arithmetically masked intermediate value into a Boolean masked intermediate value masked by the random value using a precomputed table.
8. The method of claim 1, wherein the cryptographic algorithm performs functions among a hash function, a block cipher and a stream cipher.
9. The method of claim 8, wherein the hash function is among MD5, SHA1, SHA256, SHA512, Skein functions, the block cipher is among XTEA, FEAL, SPECK, Threefish functions and/or the stream cipher is among Salsa20, ChaCha functions.
10. A non-transitory computer readable medium storing executable computer code that when executed by a cryptographic device (101) comprising a processing system (201) having at least one hardware processor performs an operation that has a first value (x) and a second value (y) as operands, wherein computing steps performed by said hardware processor being a mix of Boolean and arithmetic operations between said first value (x) and said second value (y) are performed without directly operating on the first value (x) and the second value (y) and therefore not being susceptible to revealing information concerning the first value (x) or the second value (y), instructions causing the hardware processor to perform the steps:
obtaining (S1) a first masked value (x′), a second masked value (y′), a first Boolean mask (rx), a second Boolean mask (ry),
said first masked value (x′) resulting from masking said first value (x) by said first Boolean mask (rx) by performing a Boolean exclusive OR (XOR) operation between said first value (x) and said first Boolean mask (rx),
and said second masked value (y′) resulting from masking said second value (y) by said second Boolean mask (ry) by performing a Boolean exclusive OR (XOR) operation between said second value (y) and said second Boolean mask (ry),
performing (S2) in any order a plurality of computing steps combining values among said first masked value (x′), said second masked value (y′), said first Boolean mask (rx) and said second Boolean mask (ry) to obtain a boolean masked result equal to the result of the arithmetic operation having said first value (x) and said second value (y) as operands, masked by a third boolean mask (rx xor ry) resulting from performing said Boolean exclusive OR (XOR) operation between said first Boolean mask (rx) and said second Boolean mask (ry) ((x+y) xor (rx xor ry)),
wherein said computing steps comprise a constant number of elementary operations whatever the bit-size of said first and second values,
outputting (S3) said boolean masked result of the arithmetic operation between said first value (x) and said second value (y).
11. Cryptographic device (101) comprising:
a processing system (201) having at least one hardware processor configured to perform an operation that has a first value (x) and a second value (y) as operands, wherein computing steps performed by said hardware processor being a mix of Boolean and arithmetic operations between said first value (x) and said second value (y) are performed without directly operating on the first value (x) and the second value (y) and therefore not being susceptible to revealing information concerning the first value (x) or the second value (y), wherein the hardware processor is configured to perform the steps of:
obtaining (S1) a first masked value (x′), a second masked value (y′), a first Boolean mask (rx), a second Boolean mask (ry),
said first masked value (x′) resulting from masking said first value (x) by said first Boolean mask (rx) by performing a Boolean exclusive OR (XOR) operation between said first value (x) and said first Boolean mask (rx),
and said second masked value (y′) resulting from masking said second value (y) by said second Boolean mask (ry) by performing a Boolean exclusive OR (XOR) operation between said second value (y) and said second Boolean mask (ry),
performing (S2) in any order a plurality of computing steps combining values among said first masked value (x′), said second masked value (y′), said first Boolean mask (rx) and said second Boolean mask (ry) to obtain a boolean masked result equal to the result of the arithmetic operation having said first value (x) and said second value (y) as operands, masked by a third boolean mask (rx xor ry) resulting from performing said Boolean exclusive OR (XOR) operation between said first Boolean mask (rx) and said second Boolean mask (ry) ((x+y) xor (rx xor ry)),
wherein said computing steps comprise a constant number of elementary operations whatever the bit-size of said first and second values,
outputting (S3) said boolean masked result of the arithmetic operation between said first value (x) and said second value (y); and
at least one memory (203, 204, 205) for storing the first and second masked values and the results of the calculations performed during the different computing steps.
12. The non-transitory computer readable medium storing executable computer code of claim 10 wherein each computing step (S2) combines a plurality of values among: said first masked value (x′), said second masked value (y′), said first value (x) masked by said second Boolean mask (ry), said second value (y) masked by said first Boolean mask (rx), said first value (x) masked with said second masked value (y′) as Boolean mask, said second value (y) masked with said first masked value (x′) as Boolean mask, said first boolean mask (rx), and said second boolean mask (ry).
13. The non-transitory computer readable medium storing executable computer code of claim 10 wherein said computing steps (S2) comprise:
a first computing step (S21) computing a first intermediate value A from said first masked value x′, said second boolean mask ry, said second masked value y′ and said first boolean mask rx such that A=(x′ xor ry)+(y′ xor rx),
a second computing step (S22) computing a second intermediate value B from said first masked value x′, said second masked value y′, said first boolean mask rx, and said second boolean mask ry such that B=(x′ xor y′)+(rx xor ry),
a third computing step (S23) computing a third intermediate value C from said first masked value x′, said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR (XOR) operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said boolean exclusive OR operation.
14. The non-transitory computer readable medium storing executable computer code of claim 10 wherein said computing steps (S2) comprise:
a first computing step (S21′) computing a first intermediate value A from said first boolean mask rx, and said second value y masked with said first masked value x′ as Boolean mask such that A=rx+(y xor x′),
a second computing step (S22′) computing a second intermediate value B from said first masked value x′ and said second value y masked by said first Boolean mask rx such that B=x′+(y xor rx),
a third computing step (S23′) computing a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24′) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said boolean exclusive OR operation.
15. The non-transitory computer readable medium storing executable computer code of claim 10 wherein said computing steps comprise:
a first computing step (S21″) computing a first intermediate value A from said second boolean mask ry and said first value x masked with said second masked value y′ as Boolean mask such that A=ry+(x xor y′),
a second computing step (S22″) computing a second intermediate value B from said second masked value y′ and said first value x masked by said second Boolean mask ry such that B=y′+(x xor ry),
a third computing step (S23″) computing a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24″) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said Boolean exclusive OR operation.
16. The non-transitory computer readable medium storing executable computer code of claim 10, wherein the executable computer code further causes the hardware processor to perform a step of blinding (S25) two values among the first, second and third intermediate values (A, B, C) computed during said first, second and third computing steps using a random value (rand).
17. The non-transitory computer readable medium storing executable computer code of claim 16 wherein the step of blinding an intermediate value comprises:
arithmetically masking said intermediate value by performing an arithmetic operation with said random value (rand)
and performing an arithmetic masking to boolean masking conversion of said arithmetically masked intermediate value into a Boolean masked intermediate value masked by the random value using a precomputed table.
18. The non-transitory computer readable medium storing executable computer code of claim 10 wherein the cryptographic algorithm performs functions among a hash function, a block cipher and a stream cipher.
19. The non-transitory computer readable medium storing executable computer code of claim 10 wherein the hash function is among MD5, SHA1, SHA256, SHA512, Skein functions, the block cipher is among XTEA, FEAL, SPECK, Threefish functions and/or the stream cipher is among Salsa20, ChaCha functions.
20. The cryptographic device of claim 11 wherein each computing step (S2) combines a plurality of values among: said first masked value (x′), said second masked value (y′), said first value (x) masked by said second Boolean mask (ry), said second value (y) masked by said first Boolean mask (rx), said first value (x) masked with said second masked value (y′) as Boolean mask, said second value (y) masked with said first masked value (x′) as Boolean mask, said first boolean mask (rx), and said second boolean mask (ry).
21. The cryptographic device of claim 11 wherein said computing steps (S2) comprise:
a first computing step (S21) computing a first intermediate value A from said first masked value x′, said second boolean mask ry, said second masked value y′ and said first boolean mask rx such that A=(x′ xor ry)+(y′ xor rx),
a second computing step (S22) computing a second intermediate value B from said first masked value x′, said second masked value y′, said first boolean mask rx, and said second boolean mask ry such that B=(x′ xor y′)+(rx xor ry),
a third computing step (S23) computing a third intermediate value C from said first masked value x′, said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR (XOR) operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said boolean exclusive OR operation.
22. The cryptographic device of claim 11 wherein said computing steps (S2) comprise:
a first computing step (S21′) computing a first intermediate value A from said first boolean mask rx, and said second value y masked with said first masked value x′ as Boolean mask such that A=rx+(y xor x′),
a second computing step (S22′) computing a second intermediate value B from said first masked value x′ and said second value y masked by said first Boolean mask rx such that B=x′+(y xor rx),
a third computing step (S23′) computing a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24′) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said boolean exclusive OR operation.
23. The cryptographic device of claim 11 wherein said computing steps comprise:
a first computing step (S21″) computing a first intermediate value A from said second boolean mask ry and said first value x masked with said second masked value y′ as Boolean mask such that A=ry+(x xor y′),
a second computing step (S22″) computing a second intermediate value B from said second masked value y′ and said first value x masked by said second Boolean mask ry such that B=y′+(x xor ry),
a third computing step (S23″) computing a third intermediate value C from said first masked value x′ and said second masked value y′ such that C=x′ xor y′,
a fourth computing step (S24″) computing said boolean masked result of the arithmetic operation between said first value (x) and said second value (y) by performing said boolean exclusive OR operation between said first, second, and third intermediate values (A xor B xor C),
wherein “+” is an arithmetic operation among an addition or a substraction modulo 2{circumflex over ( )}k with k an integer, and “xor” is said Boolean exclusive OR operation.
24. The cryptographic device of claim 11, wherein the executable computer code further causes the hardware processor to perform a step of blinding (S25) two values among the first, second and third intermediate values (A, B, C) computed during said first, second and third computing steps using a random value (rand).
25. The non-transitory computer readable medium storing executable computer code of claim 24 wherein the step of blinding an intermediate value comprises:
arithmetically masking said intermediate value by performing an arithmetic operation with said random value (rand)
and performing an arithmetic masking to boolean masking conversion of said arithmetically masked intermediate value into a Boolean masked intermediate value masked by the random value using a precomputed table.
26. The cryptographic device of claim 11 wherein the cryptographic algorithm performs functions among a hash function, a block cipher and a stream cipher.
27. The cryptographic device of claim 11 wherein the hash function is among MD5, SHA1, SHA256, SHA512, Skein functions, the block cipher is among XTEA, FEAL, SPECK, Threefish functions and/or the stream cipher is among Salsa20, ChaCha functions.
US17/048,262 2018-04-17 2019-04-16 Method secured against side-channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations Active US11385893B2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
EP18305471 2018-04-17
EP18305471.7 2018-04-17
EP18305471.7A EP3557813A1 (en) 2018-04-17 2018-04-17 Method secured against side-channel attacks performing an arithmetic operation of a cryptographic algorithm mixing boolean and arithmetic operations
PCT/EP2019/059836 WO2019201944A1 (en) 2018-04-17 2019-04-16 Method secured against side-channel attacks performing an arithmetic operation of a cryptographic algorithm mixing boolean and arithmetic operations

Publications (2)

Publication Number Publication Date
US20210157586A1 US20210157586A1 (en) 2021-05-27
US11385893B2 true US11385893B2 (en) 2022-07-12

Family

ID=62909463

Family Applications (1)

Application Number Title Priority Date Filing Date
US17/048,262 Active US11385893B2 (en) 2018-04-17 2019-04-16 Method secured against side-channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations

Country Status (3)

Country Link
US (1) US11385893B2 (en)
EP (2) EP3557813A1 (en)
WO (1) WO2019201944A1 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11822704B2 (en) * 2018-10-29 2023-11-21 Cryptography Research, Inc. Constant time secure arithmetic-to-Boolean mask conversion
US11507699B2 (en) * 2019-09-27 2022-11-22 Intel Corporation Processor with private pipeline
FR3101983B1 (en) 2019-10-11 2021-11-12 St Microelectronics Grenoble 2 Determining an indicator bit
FR3101982B1 (en) 2019-10-11 2024-03-08 St Microelectronics Grenoble 2 Determining an indicator bit
FR3101980B1 (en) * 2019-10-11 2021-12-10 St Microelectronics Grenoble 2 Processor
US11599680B2 (en) * 2019-11-20 2023-03-07 Meta Platforms Technologies, Llc Encryption and decryption engines with hybrid masking to prevent side channel attacks
FR3134909B1 (en) * 2022-04-25 2024-06-21 Commissariat Energie Atomique PROTECTING AGAINST SIDE-CHANNEL ATTACKS USING SQUARE MASKING

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050232430A1 (en) * 2004-04-16 2005-10-20 Gebotys Catherine H Security countermeasures for power analysis attacks
WO2008064704A1 (en) * 2006-11-30 2008-06-05 Telecom Italia S.P.A Method and device for preventing information leakage attacks on a device implementing a cryptographic function
US8050402B2 (en) * 2004-12-01 2011-11-01 Telecom Italia S.P.A. Method and related device for hardware-oriented conversion between arithmetic and boolean random masking
US8553877B2 (en) * 2007-10-01 2013-10-08 Blackberry Limited Substitution table masking for cryptographic processes
US8681985B2 (en) * 2010-01-20 2014-03-25 Electronics & Telecommunications Research Institute Masking operation method and device for symmetric key encrypted system
US20150110266A1 (en) * 2012-03-02 2015-04-23 Gemalto Sa Countermeasure method against side channel analysis for cryptographic algorithms using boolean operations and arithmetic operations
US9166789B2 (en) * 2012-03-06 2015-10-20 Kabushiki Kaisha Toshiba Cryptographic processing apparatus
US20180183576A1 (en) * 2016-12-22 2018-06-28 Shenzhen State Micro Technology Co Ltd Mask s-box, block ciphers algorithm device and corresponding construction process
US10333699B1 (en) * 2015-09-30 2019-06-25 Cryptography Research, Inc. Generating a pseudorandom number based on a portion of shares used in a cryptographic operation
US10505711B2 (en) * 2016-02-22 2019-12-10 Eshard Method of protecting a circuit against a side-channel analysis
US10699030B2 (en) * 2014-12-30 2020-06-30 Cryptography Research Inc. Determining cryptographic operation masks for improving resistance to external monitoring attacks
US10871947B2 (en) * 2016-03-03 2020-12-22 Cryptography Research, Inc. Converting a boolean masked value to an arithmetically masked value for cryptographic operations

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2884387B1 (en) 2013-12-13 2016-09-14 Thomson Licensing Efficient modular addition resistant to side-channel attacks

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050232430A1 (en) * 2004-04-16 2005-10-20 Gebotys Catherine H Security countermeasures for power analysis attacks
US8050402B2 (en) * 2004-12-01 2011-11-01 Telecom Italia S.P.A. Method and related device for hardware-oriented conversion between arithmetic and boolean random masking
WO2008064704A1 (en) * 2006-11-30 2008-06-05 Telecom Italia S.P.A Method and device for preventing information leakage attacks on a device implementing a cryptographic function
US8553877B2 (en) * 2007-10-01 2013-10-08 Blackberry Limited Substitution table masking for cryptographic processes
US8681985B2 (en) * 2010-01-20 2014-03-25 Electronics & Telecommunications Research Institute Masking operation method and device for symmetric key encrypted system
US20150110266A1 (en) * 2012-03-02 2015-04-23 Gemalto Sa Countermeasure method against side channel analysis for cryptographic algorithms using boolean operations and arithmetic operations
US9166789B2 (en) * 2012-03-06 2015-10-20 Kabushiki Kaisha Toshiba Cryptographic processing apparatus
US10699030B2 (en) * 2014-12-30 2020-06-30 Cryptography Research Inc. Determining cryptographic operation masks for improving resistance to external monitoring attacks
US10333699B1 (en) * 2015-09-30 2019-06-25 Cryptography Research, Inc. Generating a pseudorandom number based on a portion of shares used in a cryptographic operation
US10505711B2 (en) * 2016-02-22 2019-12-10 Eshard Method of protecting a circuit against a side-channel analysis
US10871947B2 (en) * 2016-03-03 2020-12-22 Cryptography Research, Inc. Converting a boolean masked value to an arithmetically masked value for cryptographic operations
US20180183576A1 (en) * 2016-12-22 2018-06-28 Shenzhen State Micro Technology Co Ltd Mask s-box, block ciphers algorithm device and corresponding construction process

Non-Patent Citations (8)

* Cited by examiner, † Cited by third party
Title
CORON J.-S.; TCHULKINE A.: "A New Algorithm for Switching from Arithmetic to Boolean Masking", ELECTRONIC PUBLISHING, ARTISTIC IMAGING, AND DIGITAL TYPOGRAPHY, SPRINGER VERLAG, DE, vol. 2779, 1 January 2003 (2003-01-01), DE , pages 89 - 97, XP002340677, ISBN: 978-3-540-24128-7
Coron J-S et al: "A New Algorithm for Switching from Arithmetic to Boolean Masking", Electronic Publishing, Artistic Imaging, and Digital Typography; [Lecture Notes in Computer Science, ISSN 0302-9743], Springer Verlag, DE, vol. 2779, Jan. 1, 2003, pp. 89-97, XP002340677, ISBN: 978-3-540-24128-7 p. 91, line 26-p. 92, line 9.
Fischer, W. et.al., Cryptographic Hardware and Embedded Systems Ches 2017, 2017, Springer, pp. 3-154. (Year: 2017). *
Fukushima, K., et al., Fault Injection Attack on Salsa20 and ChaCha and a Lightweight Countermeasure, 2017, IEEE, pp. 1032-1037. (Year: 2017). *
Leander, G., Fast Software Encrpytion, 2015, Springer, pp. 3-175. (Year: 2015). *
Mohamet Karroumi et al: "Addition with Blinded Operands", Constructive Side-Channel Analysis and Secure Design (COSADE 2014), Apr. 14, 2014, XP055506390, Cham ISBN: 978-3-319-10175-0 Retrieved from the Internet: URL: http://Link.Springer.com/10.1007/978-3-319-10175-0 [retrieved on Sep. 12, 2018].
PCT/EP2019/059836, International Search Report, dated May 2, 2019, European Patent Office, P.B.5818 Patentlaan 2 NL—2280 HV Rijswijk.
PCT/EP2019/059836, Written Opinion of the International Searching Authority, dated May 2, 2019, European Patent Office, D-80298 Munich.

Also Published As

Publication number Publication date
US20210157586A1 (en) 2021-05-27
EP3782324A1 (en) 2021-02-24
EP3557813A1 (en) 2019-10-23
WO2019201944A1 (en) 2019-10-24

Similar Documents

Publication Publication Date Title
US11385893B2 (en) Method secured against side-channel attacks performing an arithmetic operation of a cryptographic algorithm mixing Boolean and arithmetic operations
US11733966B2 (en) Protection system and method
Coron et al. Conversion from arithmetic to boolean masking with logarithmic complexity
US11256478B2 (en) Method for securing a cryptographic process with SBOX against high-order side-channel attacks
US10367637B2 (en) Modular exponentiation with transparent side channel attack countermeasures
US8009827B2 (en) Encryption processing method and encryption processing device
US8976960B2 (en) Methods and apparatus for correlation protected processing of cryptographic operations
CN106233660B (en) Encryption processing device, encryption processing method, and program
US10305689B2 (en) Encryption apparatus, decryption apparatus, cryptography processing system, encryption method, decryption method, encryption program, and decryption program
US11695542B2 (en) Technology for generating a keystream while combatting side-channel attacks
US11269993B2 (en) Encryption device, encryption method, decryption device, and decryption method
US20150349951A1 (en) Protecting Cryptographic Operations Using Conjugacy Class Functions
US20250055687A1 (en) Method secured against side-channel attacks performing a cryptographic algorithm comprising a polynomial operation
US10341089B2 (en) High-speed AES with transformed keys
US9571269B2 (en) Encryption device, encryption method and program
US20080130869A1 (en) Method to Secure an Electronic Assembly Against Attacks by Error Introduction
CN115934031B (en) Computing engine, data processing method, device and storage medium
EP3054620A1 (en) System and method for performing block cipher cryptography by implementing a mixer function that includes a substitution-box and a linear transformation using a lookup-table
US20240007266A1 (en) Reconfigurable side-channel resistant double-throughput aes accelerator
Chaves et al. SCA-Resistance for AES: How Cheap Can We Go?
JP7383949B2 (en) Information processing equipment and programs
EP3703305A1 (en) Method secured against side-channel attacks with a new masking scheme protecting linear operations of a cryptographic algorithm
KR101281275B1 (en) Obfuscation method for process of encrypting/decrypting block cipher using boolean function expression and apparatus for the same
US20250047461A1 (en) Elliptic curve cryptography masked blinding countermeasure
US20250086313A1 (en) Secure processing system and method

Legal Events

Date Code Title Description
AS Assignment

Owner name: THALES DIS FRANCE SA, FRANCE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:VIGILANT, DAVID;REEL/FRAME:054076/0655

Effective date: 20201008

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: APPLICATION DISPATCHED FROM PREEXAM, NOT YET DOCKETED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STCF Information on status: patent grant

Free format text: PATENTED CASE

AS Assignment

Owner name: THALES DIS FRANCE SAS, FRANCE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:THALES DIS FRANCE SA;REEL/FRAME:064235/0673

Effective date: 20211215